diff --git a/hosts/plover/config/coredns/foodogsquared.one.zone b/hosts/plover/config/coredns/foodogsquared.one.zone
index 697a4623..309f1ba4 100644
--- a/hosts/plover/config/coredns/foodogsquared.one.zone
+++ b/hosts/plover/config/coredns/foodogsquared.one.zone
@@ -1,18 +1,17 @@
 ; This is trying to be discrete with certain information. This should be copied
 ; and replaced with more confidential information somewhere.
 $TTL 12h
-$ORIGIN foodogsquared.one.
-@ IN SOA ns1.first-ns.de. dns.hetzner.com. (
- 2023021501 ; serial number
- 2h ; refresh
+@ 3600 IN SOA ns1.first-ns.de. hostmaster.foodogsquared.one. (
+ 2023021701 ; serial number
+ 1h ; refresh
 15m ; update retry
 3w ; expiry
 3h ; nx = nxdomain ttl
 )

- IN NS ns1.first-ns.de.
- IN NS robotns2.second-ns.de.
- IN NS robotns3.second-ns.com.
+ 3600 IN NS ns1.first-ns.de.
+ 3600 IN NS robotns2.second-ns.de.
+ 3600 IN NS robotns3.second-ns.com.

 ; Setting up the mail-related DNS entries.
 ; For future references, please the see the following document at
@@ -61,6 +60,9 @@ code IN AAAA @ploverPublicIPv6@
 vpn IN A @ploverPublicIPv4@
 vpn IN AAAA @ploverPublicIPv6@

+plover IN A @ploverPublicIPv4@
+plover IN AAAA @ploverPublicIPv6@
+
 ; Other things.
 _github-pages-challenge-foo-dogsquared IN TXT 673febae1ea0095e76d1e02a7a1709

diff --git a/hosts/plover/modules/services/coredns.nix b/hosts/plover/modules/services/coredns.nix
index f7f3a88a..c7e95f33 100644
--- a/hosts/plover/modules/services/coredns.nix
+++ b/hosts/plover/modules/services/coredns.nix
@@ -91,8 +91,13 @@ in
 # https://docs.hetzner.com/dns-console/dns/general/dnssec
 config = ''
 . {
- log
- errors
+ log ${domain} ${fqdn} {
+ class success error
+ }
+
+ errors {
+ consolidate 1m "^.* no next plugin found$"
+ }

 bind lo ${lib.concatStringsSep " " dnsListenAddresses} {
 # These are already taken from systemd-resolved.
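Review bot: With `$ORIGIN foodogsquared.one.` removed at the top of the zone, `@` and every relative owner name (`vpn`, `plover`, and the rest) now take their origin from whatever loads the file. That appears to be the zone argument added to `file ${domainZoneFile'} ${domain}` in coredns.nix in this same commit, so the two edits only work together and a later revert of either one would silently publish the records under the wrong name. A comment above the SOA would keep that dependency visible, for example `; No $ORIGIN here: the origin is the zone name passed to the CoreDNS file plugin.` The hunk ends inside the mail-records comment, so the remaining records are not visible here.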
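Review bot: The new `class success error` line leaves the `denial` class out of the query log, so NXDOMAIN and NODATA answers for `${domain}` and `${fqdn}` are no longer recorded, whereas the bare `log` it replaces logged every class. Those denials are the responses that reveal subdomain enumeration and random-label query floods against an authoritative server. If log volume is the concern, `class denial error` keeps the security-relevant answers while dropping routine successes; if the omission is intended, say so in place with a comment such as `# NXDOMAIN/NODATA are deliberately not logged here.` The `config` string starts before this hunk and continues past it.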
@@ -114,10 +119,6 @@ in
 block
 }

- transfer ${domain} {
- to *
- }
-
 # ${fqdn} DNS server blocks. This is an internal DNS server so we'll
 # only allow queries from the internal network.
 acl ${fqdn} {
@@ -134,7 +135,13 @@ in
 answer "{{ .Name }} IN 60 AAAA ${interfaces.internal.IPv6.address}"
 }

- file ${domainZoneFile'}
+ file ${domainZoneFile'} ${domain} {
+ reload 30s
+ }
+
+ transfer ${domain} {
+ to ${lib.concatStringsSep " " secondaryNameServersIPs}
+ }
 }

 tls://. {
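Review bot: The `to` line of the new `transfer ${domain}` block is rendered from `secondaryNameServersIPs`, which is defined outside this diff, so nothing visible here guarantees that the list is non-empty or that it covers both the IPv4 and IPv6 addresses the secondaries transfer from. An empty list would render a bare `to`, and a missing address would refuse a legitimate AXFR without any obvious error on this side. A NixOS `assertions` entry checking that the list is non-empty, plus a comment on the block such as `# AXFR/NOTIFY only for the listed secondaries; do not widen back to "*".`, would make the restriction hard to undo by accident. Separately, `reload 30s` only re-reads the file when the SOA serial has changed, so a zone edit without a serial bump would neither reload nor reach the secondaries; that is worth a one-line comment next to `reload`. The server block opens before this hunk and `tls://. {` continues after it.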